作者 主題: 請大家幫我看一段 TCPDUMP.  (閱讀 4000 次)

0 會員 與 1 訪客 正在閱讀本文。

godispower

  • 憂鬱的高中生
  • ***
  • 文章數: 121
    • 檢視個人資料
請大家幫我看一段 TCPDUMP.
« 於: 2010-03-15 04:38 »
最近打入tcpdump

就一直看到如下 xxx.xxx.xx.xxx是我的IP
14:36:44.765484 201.80.161.209.18828 > xxx.xxx.xx.xxx.23085: udp 62
14:36:44.798386 116.238.182.116.32189 > xxx.xxx.xx.xxx.23085: udp 98
14:36:44.918640 68.217.50.148.50640 > xxx.xxx.xx.xxx.23085: udp 103
14:36:45.096760 xxx.xxx.xx.xxx.22522 > 216.52.233.73.12975: P 1856323636:1856323720(84) ack 3880846351 win 65535
14:36:45.153150 78.39.142.97.10408 > xxx.xxx.xx.xxx.23085: udp 98
14:36:45.264255 58.242.87.130.30849 > xxx.xxx.xx.xxx.23085: udp 98
14:36:45.340536 216.52.233.73.12975 > xxx.xxx.xx.xxx.22522: . ack 84 win 64196 (DF)
14:36:45.815445 67.250.85.142.33870 > xxx.xxx.xx.xxx.23085: udp 103
14:36:45.854872 115.135.219.31.16881 > xxx.xxx.xx.xxx.23085: udp 62
14:36:46.339710 58.24.37.179.55133 > xxx.xxx.xx.xxx.23085: udp 98
14:36:46.557145 95.105.9.95.20114 > xxx.xxx.xx.xxx.23085: udp 101
14:36:46.783282 95.42.121.22.32346 > xxx.xxx.xx.xxx.23085: udp 62
14:36:47.392327 94.180.86.98.28727 > xxx.xxx.xx.xxx.23085: udp 98
14:36:47.516487 187.58.107.208.4041 > xxx.xxx.xx.xxx.23085: udp 98
14:36:47.784804 95.42.121.22.32346 > xxx.xxx.xx.xxx.23085: udp 62
14:36:47.845702 88.163.166.88.12207 > xxx.xxx.xx.xxx.23085: udp 101
14:36:47.899013 83.204.11.14.16259 > xxx.xxx.xx.xxx.23085: udp 98
14:36:48.023052 99.235.114.165.4290 > xxx.xxx.xx.xxx.23085: udp 98
14:36:48.417325 213.171.34.224.61083 > xxx.xxx.xx.xxx.23085: udp 98
14:36:48.521768 124.237.252.224.4041 > xxx.xxx.xx.xxx.23085: udp 98
14:36:48.586802 222.186.126.36.16881 > xxx.xxx.xx.xxx.23085: udp 98

那個 23085 port是什麼?

而我在iptables 下了如下兩行好像沒用?
iptables -A INPUT -p udp --dport 23085 -j DROP
iptables -A INPUT -p tcp --dport 23085 -j DROP

一樣來我這台23085 port的封包還是一直來..
我有下錯嗎?

netman

  • 管理員
  • 俺是博士!
  • *****
  • 文章數: 17484
    • 檢視個人資料
    • http://www.study-area.org
回覆: 請大家幫我看一段 TCPDUMP.
« 回覆 #1 於: 2010-03-15 08:46 »
將 -A 改為 -I 看看能否擋得住?